NLnet Labs participates in various research projects which revolve around core Internet infrastructure. Here you can find an overview of the current projects we are participating in.

Root Canary

Description

The Root Canary project is a joint project of seven partners: SURFnet, the University of Twente, Northeastern University, NLnet Labs, SIDN Labs, the RIPE NCC and ICANN. The goal of this project is to monitor and measure the rollover of the DNSSEC root Key Signing Key (KSK), that is due to take place in 2018-2019.

This project has two main goals:

  1. Serve as a virtual canary in the coalmine, that signals problems DNSSEC-validating DNS resolvers may have during the Root KSK rollover process.
  2. Perform comprehensive measurements of the global DNS resolver population during the entire Root KSK rollover process, from the introduction of the new key until the removal of the old key. The results of these measurements can then be analysed after the process completes to draw lessons for future Root KSK rollover events.
More
This project is maintained on rootcanary.org.

LIGHTest

Description

The LIGHTest research project aims to create a global cross-domain trust infrastructure that renders it transparent and easy for verifiers to evaluate electronic transactions. By querying different trust authorities world-wide and combining trust aspects related to identity, business, reputation etc. it will become possible to conduct domain-specific trust decisions.

Funded under the EU’s Horizon 2020 programme, the project brings together fourteen partners from nine countries with a diverse background. NLnet Labs contributes its knowledge and experience of the DNS to the project.

More
You can find more information on lightest.eu and the LIGHTest Community Site.

OpenINTEL

Description

The goal of the OpenINTEL project is to build reliable long-term datasets of the Domain Name System (DNS). Currently, OpenINTEL sends daily queries for a fixed set of common DNS record types for around 65% of the global namespace. Started in 2015 as a collaboration between SURFnet, SIDN and the University of Twente, OpenINTEL has already collected closed to 3 trillion DNS records that can be used to study the constantly evolving Internet.

OpenINTEL uses tools developed by NLnet Labs to power its measurement infrastructure, with LDNS serving as the Swiss army knife to send the billions of DNS queries and parse the result, and Unbound to perform the important task of resolving these queries. NLnet Labs also contributes DNS expertise and custom development for the measurement code of OpenINTEL.

More
You can find more information on OpenINTEL on the project webpage openintel.nl.

SAND

Description

The Self-Managing Anycast Networks for DNS (SAND) project is a collaboration between the University of Twente, SIDN and NLnet Labs. The goal of this project is to create resilient anycast DNS networks that can withstand global outages and large-scale DDoS attacks.

NLnet Labs contributes to SAND with its in-depth knowledge of BGP routing and DNS. In addition to this, NLnet Labs strives to adopt the open source tools developed as part of the SAND project.

More
You can find more information on the SAND project webpage at sand-project.nl.